Debian DSA-114-1 : gnujsp - unauthorized file access

Thomas Springer found a vulnerability in GNUJSP, a Java servlet that allows you to insert Java source code into HTML files. The problem can be used to bypass access restrictions in the web server. An attacker can view the contents of directories and download files directly rather then receiving...

CVE-2002-0300

gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file...

[SECURITY] [DSA 114-1] New GNUJSP packages fix directory and script source disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 114-1 [email protected] http://www.debian.org/security/ Martin Schulze February 21th, 2002 - -------------------------------------------------------------------------- Package : gnujsp...

GNUJSP 1.0 - File Disclosure

source: https://www.securityfocus.com/bid/4125/info GNUJSP is a freely available, open-source implementation of Sun's Java Server Pages. It will run on most Unix and Linux variants, as well as Microsoft Windows NT/2000 operating systems. It has been reported that a remote attacker may disclose th...